2023-03-13 20:17:12 +00:00
|
|
|
load("@rules_pkg//pkg:pkg.bzl", "pkg_tar")
|
2023-12-13 23:31:58 +00:00
|
|
|
load("@rules_distroless//distroless:defs.bzl", "passwd")
|
2018-11-30 02:16:18 +00:00
|
|
|
|
2023-12-13 23:31:58 +00:00
|
|
|
passwd(
|
2019-12-18 20:52:26 +00:00
|
|
|
name = "passwd",
|
2023-12-13 23:31:58 +00:00
|
|
|
passwds = [
|
|
|
|
dict(
|
|
|
|
gecos = ["root"],
|
|
|
|
gid = 0,
|
|
|
|
home = "/root",
|
|
|
|
shell = "/bin/bash",
|
|
|
|
uid = 0,
|
|
|
|
username = "root",
|
|
|
|
),
|
|
|
|
dict(
|
|
|
|
gecos = ["nonroot"],
|
|
|
|
gid = 1001,
|
|
|
|
home = "/home/nonroot",
|
|
|
|
shell = "/bin/bash",
|
|
|
|
uid = 1001,
|
|
|
|
username = "nonroot",
|
|
|
|
),
|
2019-12-18 20:52:26 +00:00
|
|
|
],
|
|
|
|
)
|
|
|
|
|
|
|
|
# Create a tar file containing the created passwd file
|
|
|
|
pkg_tar(
|
|
|
|
name = "passwd_tar",
|
|
|
|
srcs = [":passwd"],
|
|
|
|
mode = "0o644",
|
|
|
|
package_dir = "etc",
|
2021-07-23 18:26:49 +00:00
|
|
|
tags = ["manual"],
|
2023-09-28 15:24:16 +00:00
|
|
|
visibility = ["//visibility:public"],
|
2019-12-18 20:52:26 +00:00
|
|
|
)
|
|
|
|
|
2023-09-28 15:24:16 +00:00
|
|
|
# Create a bash tar layer for docker images. This allows docker images to have access to the "bash"
|
|
|
|
# command and improves debugging abilities on the image.
|
|
|
|
genrule(
|
|
|
|
name = "bash_tar",
|
|
|
|
srcs = select({
|
|
|
|
"@platforms//cpu:x86_64": ["@bash_amd64//file"],
|
|
|
|
"@platforms//cpu:arm64": ["@bash_arm64//file"],
|
|
|
|
}),
|
|
|
|
outs = ["bash.tar"],
|
|
|
|
cmd = "ar x $< && xz -d data.tar.xz -c >> $@",
|
|
|
|
visibility = ["//visibility:public"],
|
|
|
|
)
|
|
|
|
|
|
|
|
# libtinfo6 is required for terminal activity and contains terminfo library.
|
|
|
|
genrule(
|
|
|
|
name = "libtinfo6_tar",
|
|
|
|
srcs = select({
|
|
|
|
"@platforms//cpu:x86_64": ["@libtinfo6_amd64//file"],
|
|
|
|
"@platforms//cpu:arm64": ["@libtinfo6_arm64//file"],
|
|
|
|
}),
|
|
|
|
outs = ["libtinfo6.tar"],
|
|
|
|
cmd = "ar x $< && xz -d data.tar.xz -c >> $@",
|
|
|
|
visibility = ["//visibility:public"],
|
|
|
|
)
|